Permission Model
42Forms uses a layered permission model. Permissions are resolved in order from most to least privileged - the first match wins.
Resolution Order
Section titled “Resolution Order”- AUTH_DISABLED: all permissions granted (dev/test only)
- Org membership: must be a member of the project’s org, or denied
- Org admin/owner: full access to all projects in the org
- Project creator: full access to that project
- PartitionAccount record: granular per-permission booleans
- Field group permissions: optional column-level read/edit restrictions
Partition Permissions
Section titled “Partition Permissions”Each user can be granted specific permissions on a partition:
| Permission | Description |
|---|---|
can_submit | Create new submissions |
can_read | Read own submissions |
can_read_all | Read all submissions in partition |
can_edit | Edit own submissions |
can_edit_all | Edit any submission |
can_delete | Delete own submissions |
can_delete_all | Delete any submission |
can_manage | Admin: grant/revoke permissions, approve/reject |
Own vs All
Section titled “Own vs All”The _all variants control whether a user sees only their own submissions or everyone’s:
- A user with
can_readbut notcan_read_allsees only submissions wherecreated_bymatches their account - A user with
can_edit_allcan edit any submission regardless of who created it
Field Group Permissions
Section titled “Field Group Permissions”For finer control, fields can be assigned to field groups. Partition accounts can then be granted read or edit access per group:
- No grant → field is hidden
read→ field is visible but read-onlyedit→ field is editable (subject to submission-level can_edit)
Privileged users (org admins, project creators) bypass field group restrictions.